PDFAccess PDF to accessible web content
← Journal
Legislation

The European Accessibility Act (EAA): What Is Required of Banks, E-commerce, and Telecoms?

7 min min read

Since 28 June 2025, the European Accessibility Act (EAA) has been in force across the EU. For the first time, private companies face statutory accessibility requirements — including online banks, webshops, and telecoms providers. This article covers who is covered, what is required, and what transition arrangements apply through to 2030.

What Is the European Accessibility Act?

The European Accessibility Act (EAA) — EU Directive 2019/882 on accessibility requirements for products and services — entered into force across all EU member states on 28 June 2025. It extends accessibility requirements to private companies operating in a number of key market sectors.

The background is straightforward: the EU Web Accessibility Directive (Directive 2016/2102) applies only to public sector bodies. Millions of citizens with disabilities encounter digital barriers every day with private providers — in online banking, in webshop checkout flows, and in telecoms self-service portals. The EAA now sets explicit requirements for these services to be accessible to all.

The EAA is a product and services directive, not purely a web accessibility directive. It covers both physical products — such as ATMs, ticketing machines, and computers — and digital services. For the digital dimension, the directive references the harmonised European standard EN 301 549, which incorporates WCAG 2.1 AA as the technical benchmark. In Denmark, the directive has been implemented through the Act on Accessibility Requirements for Products and Services (LTA/2022/801), which entered into force on 28 June 2022 but applies from 28 June 2025.

Who Is Covered by the EAA?

The EAA applies in principle to all private companies offering the following products or services in the EU:

  • Electronic communications: Telecoms providers and broadband operators, including telephony, SMS, and internet access — as well as number-independent interpersonal communications services (NIICS) such as email, WhatsApp, and Messenger
  • Access to audiovisual media services: Platforms delivering broadcast television, video on demand, and similar content
  • Banking services: Online and mobile banking, ATMs, and consumer credit services
  • E-commerce: Webshops and digital marketplaces selling goods or services to consumers
  • E-books and dedicated reading devices
  • Transport services: Ticketing and digital travel information systems for air, rail, bus, and maritime transport

The requirements apply only in relation to consumers — businesses providing exclusively B2B services are not within scope.

The Micro-Enterprise Exemption

The EAA includes an important exemption for micro-enterprises providing services (not products): businesses with fewer than 10 employees and an annual turnover or balance sheet total below EUR 2 million are exempt from the directive’s requirements. The exemption does not apply to products — a micro-enterprise manufacturing or importing hardware remains fully within scope.

Additionally, businesses may invoke exemptions for disproportionate burden and fundamental alteration — where compliance would either impose an unreasonable resource burden or fundamentally change the nature of the service. Both exemptions require concrete, written documentation, which must be retained for at least five years and submitted to the supervisory authority on request.

What Is Concretely Required?

Requirements vary by sector, but for digital services the common core is that the user interface must meet WCAG 2.1 AA — the same standard applied to public sector websites. In practice, this means:

For banks and financial service providers: Online banking portals and mobile banking apps must be operable with screen readers and keyboards. Payment flows — including digital authentication integrations and confirmation dialogs — must follow WCAG 2.1 AA. ATMs are also covered: display contrast, font rendering, and navigation logic must meet accessibility requirements. The directive also requires that account statements and documents made available digitally are readable with assistive technologies.

For webshops and e-commerce providers: Product search, shopping cart, checkout, and order confirmation flows must all be accessible. This includes the identification and correction of form errors — a common barrier for users with cognitive disabilities. CAPTCHA mechanisms that rely solely on visual recognition are inaccessible and must be replaced or supplemented. Mobile apps must meet the same requirements as the web version.

For telecoms and electronic communications providers: Customer portals, self-service platforms, and apps must be accessible. The directive also imposes sector-specific requirements: services providing voice communication must offer Real-Time Text (RTT). Services providing both voice and video must support total communication — that is, synchronised voice, text, and video. Emergency communications (112) must be reachable via these alternative channels.

Transition Arrangements Through to 2030

The EAA applies from 28 June 2025, but the directive contains significant transition arrangements:

Existing service agreements concluded before 28 June 2025 may continue unchanged until they expire — but no later than 28 June 2030. This gives service providers time to adapt without immediately having to terminate or renegotiate contracts.

Services delivered using products that were lawfully in use before 28 June 2025 may continue to be provided via those products until 28 June 2030 — without the product needing to be brought into conformity.

New services and products launched after 28 June 2025 must meet requirements from the date of launch — no transition period applies to what is new.

The transition arrangements reduce the immediate compliance pressure, but they should not be confused with exemptions. Supervisory authorities can already receive complaints and initiate control procedures.

Supervision and Enforcement in Denmark

Supervision of the EAA in Denmark is divided between two authorities depending on sector:

The Danish Safety Technology Authority (Sikkerhedsstyrelsen) is the primary market surveillance authority and supervises the majority of products and services covered by the legislation — including webshops, banking services, and a wide range of other product categories. The Financial Supervisory Authority (Finanstilsynet) is the sectoral authority for the financial area, but it is Sikkerhedsstyrelsen that conducts the practical supervision.

The Danish Agency for Digital Government (Digitaliseringsstyrelsen) supervises compliance with accessibility requirements for electronic communications services and NIICS — that is, telecoms providers, broadband operators, and internet-based communications services such as email and messaging apps.

Both authorities may demand documentation from businesses, conduct inspections, and order non-compliant situations to be rectified within a set deadline. If an order is not complied with, the authority may direct the business to cease selling or providing the service. Non-compliance may also be subject to fines.

Digital Documents and Accessibility Under the EAA

One practical area that the EAA touches for many businesses is digital documents. Banks providing account statements, loan agreements, and terms and conditions as PDF files must ensure these documents are accessible with assistive technologies. The same applies to webshops providing invoices, receipts, and terms of sale as PDFs.

For these businesses, the same principles apply as for public sector bodies: PDF documents that are the only means of accessing information should either meet the PDF/UA standard or be made available as an accessible HTML alternative. Converting existing PDF documents to WCAG 2.1 AA-compatible HTML is in many cases a faster and more cost-effective path than manual PDF/UA remediation — particularly for businesses with large document archives.

Checklist: Is Your Business Ready for the EAA?

Use this checklist as a starting point for an internal assessment:

  • Is your business and its services covered by the directive’s product and service categories?
  • Is your business a micro-enterprise (fewer than 10 employees, below EUR 2 million turnover/balance) — and does the exemption apply?
  • Have your digital services — website, app, checkout flow — been tested against WCAG 2.1 AA?
  • Are new products and services launched after 28 June 2025 accessible from the date of launch?
  • Is there a documented plan for bringing existing services into compliance before 28 June 2030?
  • Are digital documents (PDFs, invoices, contracts) readable with screen readers?
  • Does your communications service support Real-Time Text (RTT) if you provide voice communication?
  • Is your customer service accessible through alternative channels for users with communication difficulties?